package com.taomeng.shiro;
import com.taomeng.entity.Permission;
import com.taomeng.service.IPermissionService;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;


/**
 * 构建FilterChainDefinitionMap的工厂bean
 *
 *
 */
public class FilterChainDefinitionMapFactoryBean {
	@Autowired
	private IPermissionService permissionService;
	/**
	 * 创建FilterChainDefinitionMap
	 *  Map<String, String> key表示资源路径 value处理过滤名称
	 *
	 * @return
	 */
	public Map<String, String> createFilterChainDefinitionMap() {

		//有序Map
		Map<String,String> reslt = new LinkedHashMap<String, String>(); //order matters!
		//不需要登录就能访问
//		reslt.put("/","anon");

		reslt.put("/static/**", "anon");
		reslt.put("/index.jsp", "anon");
		reslt.put("/logout", "logout");
		reslt.put("/admin/static/**","anon");
		reslt.put("/login.jsp","anon");
		reslt.put("/public/account", "anon");
		//对需要权限才能访问的资源地址配置拦截，只要不再这儿配置都任务不需要任何权限，直接放行
		//reslt.put("/authorized.html", "perms[user:add]");//由于是代码，可以注入Service从数据库中查询

		//只要在Permission表的资源都要做权限拦截
		List<Permission> allPermissions = permissionService.getAll();
		for (Permission permission : allPermissions) {
			//reslt.put("/authorized.html", "perms[user:add]");//由于是代码，可以注入Service从数据库中查询
			reslt.put(permission.getResource(), "perms["+permission.getSn()+"]");//由于是代码，可以注入Service从数据库中查询
		}
		reslt.put("/include/*.jsp","perms[leave:student]");
/*		reslt.put("/public/leave","perms[leave:student]");
		reslt.put("/leave/submit","perms[leave:student]");*/
		//其他资源都需登录

		reslt.put("/**", "authc");

		System.out.println(reslt);
		return reslt;
	}
}
